• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • You already know Dokkio is an AI-powered assistant to organize & manage your digital files & messages. Very soon, Dokkio will support Outlook as well as One Drive. Check it out today!

View
 

Threat-Classification-Glossary

Page history last edited by Robert Auger 14 years, 5 months ago

Threat: "A potential violation of security" - ISO 7498-2

 

Impact: Consequences for an organization or environment when an attack is realized, or weakness is present.

 

Attack: A well-defined set of actions that, if successful, would result in either damage to an asset, or undesirable operation.

 

Vulnerability: "An occurrence of a weakness (or multiple weaknesses) within software, in which the weakness can be used by a party to cause the software to modify or access unintended data, interrupt proper execution, or perform incorrect actions that were not specifically granted to the party who uses the weakness." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Vulnerability)

 

Weakness: "A type of mistake in software that, in proper conditions, could contribute to the introduction of vulnerabilities within that software. This term applies to mistakes regardless of whether they occur in implementation, design, or other phases of the SDLC." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Weakness)

Comments (0)

You don't have permission to comment on this page.